2 1/2 alternatives to the Computer Security Incident Handler (CSIH) certification
Software Engineering Institute (SEI), part of Carnegie Mellon, is going to retire the Computer Security Incident Handler certification (CSIH) this year. While it may come as a disappointment, don’t fret. There are two-and-a-half alternatives to this certification: GIAC Certified Incident Handler (GCIH), Certified Incident Handler by EC-Council (E|CIH) and Incident Response and Network Forensics.
FREE role-guided training plans
CSIH certification
The CSIH certification is an incident handler and responder certification for information security professionals with one or more years of professional experience in incident handling or equivalent information security-related work experience. CSIH verifies that the certification handler has the skills to excel in incident handling for organizations as well as instructing them how to keep organizations current with the latest network security knowledge. This certification was retired on May 1, 2021, at which point SEI will no longer be issuing this certification to candidates. Also known as CERT-CSIH, current holders of this certification should know that the CSIH cert will cease being an approved DoD 8570 baseline certification. Not surprisingly, DoD no longer lists CISH as an approved certification.
With all of this said, there are four alternative certifications you can earn as a replacement for this incident handling certification that is very soon to be obsolete.
GCIH
The GIAC Certified Incident Handler certification (GCIH) is a viable replacement for the CSIH certification. This certification verifies that the certification holder understands what a security incident is, and how to handle an incident once it has occurred. In other words, the holder will know how to detect, respond to and resolve information security incidents with the help of a wide range of security skills. The certification is intended for incident handlers, incident responders and a wide range of information security professionals.
The GCIH certification covers three main areas of information:
- Incident handling and computer crime investigation
- Computer and network hacker exploits
- Hacker tools (Nmap, Nessus, Metasploit and Netcat)
Other certification exam information:
- Exam questions: 150
- Exam length: four hours
- Minimum passing score: 73%
Infosec offers a GCIH training boot camp, more details are available here.
Certified Incident Handler (E|CIH)
Certified Incident Handler (E|CIH) is an alternative certification that is a good replacement for CSIH. Also known as E|CIH v2 as the certification exam is on its second version, this certification has a prerequisite of one year of cybersecurity experience, which is a little broader than the one year of incident handler experience that CSIH requires but it is still in the general ballpark. Another requirement to sit for the E|CIH certification exam is that you need to complete an official E|CIH course.
It should be noted that E|CIH is not a DoD 8750 baseline certification, so if you are looking for an alternative that is compliant with DoD 8750, I humbly refer you to GCIH. For roles that do not need to comply with DoD 8750 regulations, this certification is a solid alternative for CSIH.
This certification covers the following:
- Incident handling and response
- Forensics readiness and first response
And it covers handling and responding to the following incidents:
- Malware
- Email security
- Network security
- Web application security
- Cloud security
- Insider threats
Other important certification exam information:
- Exam questions: 100
- Exam length: three hours
- Exam format: multiple choice
- Passing exam score: 70%
Incident Response and Network Forensics
The Incident Response and Network Forensics training offered by Infosec is not a certification per se, it is the half in this article’s title that probably made you scratch your head. What Incident Response and Network Forensics is is an alternative to CSIH that equips those that take this training boot camp with the knowledge and skills that can help you obtain incident handling and incident response certifications as well as strong network forensics training. How it works is it builds your knowledge regarding incident response and network forensics with a combination of hands-on labs and instruction from subject matter experts. This training is intended for incident response professionals, information security professionals such as computer security incident response team members (CSIRT) and those looking to learn more about this exciting corner of information security.
To take part in this training, you will need to have one or more years of professional work experience in incident handling or the equivalent experience gained in another information security role.
What should you learn next?
Replacing the Computer Security Incident Handler certification
The Computer Security Incident Handler (CSIH) certification is retired as of May 1, 2021. If this seems like a monkey wrench in your plans, don’t fret; there are two-and-a-half solid alternatives to CSIH that will close the certification gap that this soon-to-be-retired certification formerly filled. If you need an alternative certification that satisfies DoD 8750, GCIH is going to be the alternative to CSIH for you.
Sources
Incident Response and Network Forensics, Infosec Institute
EC-Council Certified Incident Handler, EC-Council
GCIH Certification, GIAC
In this Series
- 2 1/2 alternatives to the Computer Security Incident Handler (CSIH) certification
- Top-paying cybersecurity jobs and salary trends for 2024
- The importance of IT certifications in boosting your career
- Understanding the role of a network engineer in IT
- The role of the chief information officer (CIO) in cybersecurity
- What is a network engineer and how to become one?
- What does a system administrator do and how to become one?
- Cyber security hiring: Tips and best practices
- Cybersecurity soft skills: Career benefits of public speaking
- CompTIA Data+ certification: Opening doors to new careers
- Surviving cybersecurity burnout: Tips from industry experts
- How to make a mid-career change to cybersecurity
- 7 top security certifications you should have in 2024
- The Changing Role of the Modern SOC
- Discover the top 5 information security management certifications
- CySA+ versus CASP+: Is the CySA+ good enough for a career in cybersecurity?
- The best cybersecurity jobs in 2023: Trends, roles and salaries
- Top 10 penetration testing certifications for security professionals (2023)
- How to land an entry-level cybersecurity job: Essential skills and certifications
- 133 cyber security training courses you can take now — for free
- Breaking down barriers: How to make cybersecurity more inclusive and diverse
- Computer forensics interview questions
- The digital security forensic analyst salary guide
- Applying linguistics to cybersecurity: The journey of Jade Brown, a 2022 Infosec Scholarship winner
- The Path to “Career 4.0”: Amy Bonus leverages humanities, FinTech experience to bring Cybersecurity to the layperson
- Security engineer: Degree vs. certification
- Cybersecurity engineer: CyberSeek
- Infosec Accelerate Scholarship winner highlights essential qualities of a successful cybersecurity professional
- Career skills, imposter syndrome and intelligence-led pentesting | From the Cyber Work desk
- Cloud security engineer interview questions and answers
- Prior preparation results in a big payoff for Jason Mondragon, an Army veteran transitioning into cybersecurity
- Infosec scholarship winner Kandice Kucharczyk salutes her mentors as she sets her sights high
- Which CompTIA cert is right for you: Security+, PenTest+, CySA+ or CASP+? [updated 2023]
- How VetsInTech and Infosec Laid the Path to Gaurav Panta’s New IT Career
- Infosec 2022 scholarship winner Anthony Torres: Bringing the Marine Corps ethos to the cyber domain
- Infosec Scholarship winner Chris Chisholm knows the power of service and diversity in cybersecurity
- Betta Lyon Delsordo, Infosec scholarship 2022 winner, is a true life-long learner
- A veteran transitions from military medical logistics to multi-national security analyst
- An Army National Guard member fast tracks his cybersecurity career transition with VetsinTech
- How a career harnessing Navy nuclear energy can power a transition to a Security+ certification
- What is a cloud administrator? Essential roles and skills
- Security control mapping: Connecting MITRE ATT&CK to NIST 800-53
- Should you take the CCSP/SSCP before the CISSP? [updated 2022]
- (ISC)² certifications: The ultimate guide [updated 2022]
- CCSP vs. Cloud+ [updated 2022]
- Data architect: The ultimate career guide
- The ultimate guide to ISACA certifications: Overview & career paths [updated 2022]
- I failed IAPP’s CIPP/C certification. Here’s how I recovered
- How learning to be "Always Flexible" helped a Marine in earning the Security+ certification
- How to learn and pass your next certification exam
- Mission accomplished: How one army veteran turned neurobiologist moved into cybersecurity
Get certified and advance your career
- Exam Pass Guarantee
- Live instruction
- CompTIA, ISACA, (ISC)², Cisco, Microsoft and more!
Professional development
Professional development
Professional development
Professional development
The role of the chief information officer (CIO) in cybersecurity